… and much to lose. AOSP is open-source to invite developers to port Android to new phones, giving Google more Play devices. Closing Android would immediately reduce Google’s profit. And that line MUST go up
This is FUD. There is no law mandating backdoors, unlike in China where the law is very vague. They can access unencrypted data, but can’t force to disable encryption. Again, unlike in China where companies can’t have proper E2EE.
Like how the U.S. can order companies to turn over their SSL keys?
unlike in China where companies can’t have proper E2EE.
It seems companies aren’t guaranteed the right to encryption in the U.S. either. Even if they were, encryption regulations are beside the point. I was discussing hardware backdoors which don’t require you to defeat or prohibit cryptography. If you compromise a device, you compromise the private keys it holds.
Like how the U.S. can order companies to turn over their SSL keys?
A court case from 13 years ago, before SSL was even commonplace, much less understood by courts, does not exactly prove your point.
does not exactly prove your point.
Attempting to point to cryptography law in a discussion of hardware backdoors doesn’t refute my point either, it’s a red herring.
A court case
If you strip a story of all information and vaguely refer to it as merely some “court case”, yeah that doesn’t sound interesting. The story was actually about the U.S. government successfully using national security letters to retrieve sensitive information such as private keys. Where’s the ambiguity of what actually happened?
from 13 years ago
NSLs usually have nondisclosure requirements (as I believe was the case with Lavabit) which gag NSL recipients from speaking about it. We’re lucky to have even heard about the Lavabit case. If neither the laws, interests, nor practices of American mass surveillance has improved in that time, why should we expect things to be much better today?
You’re free to assume the best of such malevolent entities, but with everything we know about the U.S. government’s interests and known practices regarding mass surveillance, I’d say it’d be very naive to do so.
Like how the U.S. can order companies to turn over their SSL keys?
First, this wasn’t an executive decision, it was decided because they had a judicial warrant, and that Lavabit was deemed in contempt.
Second, this concerned an individual account.
Third, I stand by my statement. They asked Lavabit to hand some data they had. Not to change their architecture. Lavabit wasn’t end to end encrypted, or not properly so, as shown that they had the keys to decrypt.
It seems companies aren’t guaranteed the right to encryption in the U.S. either. Even if they were, encryption regulations are beside the point.
China outlaws encryption. So you can’t even develop something private there.
I was discussing hardware backdoors which don’t require you to defeat or prohibit cryptography. If you compromise a device, you compromise the private keys it holds.
Backdoors aren’t the same as vulnerabilities. When you say backdoor you assume the company is allowing some to bypass normal security measures. Meaning the company cooperates. Apple actually refused an FBI demand to unlock an iPhone used by a terrorist.
If neither the laws, interests, nor practices of American mass surveillance has improved in that time, why should we expect things to be much better today?
No one disputed the American government - much like the Chinese government - disregards privacy and practices mass surveillance. The disagreement is how it can actually force companies to cooperate.
why should we expect things to be much better today?
Maybe because encryption is much more widespread. HTTPS now is the default. Browsers have much stronger isolation, just like on mobile phones.
I guess actually AI slop picture.
Honestly I think some kind of enterprise offering would be great. It could also raise the bar and push out these less/fake secure phones.
If the demand for GrapheneOS is set by enterprises it is also more likely to stay around in terms of support and funding.
Besides that I think a way to manage a fleet of secured phones would be awesome.
While all the hints pointed to Motorola, I never thought GrapheneOS would go into partnership with a Chinese company. That is pretty crazy stuff. Still, I think the Signature is an absolutely great phone with a weight similar to the 6,3 inch Pixel 9a. It will be pretty interesting when/if we get a Signature 2 with GrapheneOS next year. Maybe they include an up-to-date processor and a bigger battery. Then it would be the perfect phone, except for that Chinese ownership.
Personally I’m pretty happy that the OEM is Motorola.
People that need privacy the most can benefit from burner devices.
Pixel phones and iPhones are too expensive for most to use as burner devices. A quick search of Walmart for Motorola phones shows they are $100 - $300. This price range enables truly secure burner phones.
Regardless of the OEM the supported devices will be flagships well above such a price range.
It’s not Motorola’s entire lineup of phones getting GOS. Currently, it’ll only be their flagship phones using a specific Qualcomm SoC. I’m not that worried that Motorola is now Chinese. I have no doubt GOS will ensure that the hardware and software have tight integration to ensure privacy and security.
Google has already spent two decades doing the work of making a reasonably secure and usable mobile OS
Similar arguments could have been made when Andy Rubin’s little-known Camera OS project called Android was held together by duct tape as the entrenched BlackBerry had battle-hardened a pretty solid microkernel over a decade or two.
If you are going to start from scratch, you might as well adopt a modern microkernel
Like another commentator points out, there’s value in credible alternatives (however imperfect), even if it may seem like the iOS/Android duopoly is insurmountable. I’d point out the utter comic show Android & iOS security postures were back when they started out. In fact, most tech starts out looking like toy projects. The investment, in all sorts of goals like reliability & security, increases with relevance (and funding).
see Linux phones as in early alpha state it’s pretty much only enthusiasts that use them and is clearly not ready for mass adoption
Maybe you’re right.
I met folks from Furi Labs and Jolla at FOSDEM earlier this month and got to discuss the technical details and both those projects seemed very impressive and the engs working on them very driven. I’d not as easily belittle their effort (not saying that you are!), especially given the team sizes and budget.
does not exactly prove your point
The CLOUD Act is worrisome to the point EFF opines that it is a legal (if not a technical) backdoor. Ditto for the UK’s COPA, and the EU’s e-Evidence Regulation, which EFTA members (signatories of the 2007 Lugano Convention like Switzerland) are also subject to.
Anyone who says end-to-end encryption is the answer is not paying attention. For instance, EU’s e-Evidence directive from 2026, specifically authored for “network-based services” like “proxy services”, requires storing even the encrypted data (which clearly, they plan to decrypt if they could obtain the keys, too; which, in some schemes, are derived from or locked behind end-user passwords).
I met folks from Furi Labs and Jolla at FOSDEM earlier this month and got to discuss the technical details and both those projects seemed very impressive
I agree. In fact, I think Linux phones are probably the only viable way out of the disaster of a smartphone ecosystem that we have at the moment, not at all a lost cause.
I think people don’t realize how good they have it to be able to consider Linux phones poor quality, but in truth Linux phones are leagues better than the Android phones I was using 10 years ago. So, I can give Linux some more time to catch up
12 posts were merged into an existing topic: Motorola confirms GrapheneOS support for a future phone, bringing over features